The bgplg CGI program is a looking glass for
the bgpd(8) Border Gateway
Protocol daemon. The looking glass will provide a simple web interface with
read-only access to a restricted set of
bgpd(8) and system status
information, which is typically used on route servers by Internet Service
Providers (ISPs) and Internet eXchange points (IXs). It is intended to be used
in a chroot(2) environment in
/var/www.

bgplg is disabled by default. It requires
four steps to enable the looking glass:

Update the file permission mode to allow the execution of the
bgplg CGI program and the additional
statically linked programs that have been installed into the
chroot(2) environment.

For example, to allow execution of bgplg
and the statically-linked version of
bgpctl(8):

# chmod 0555 /var/www/cgi-bin/bgplg
# chmod 0555 /var/www/bin/bgpctl

External commands like ping(8)
and others will be hidden from the looking glass command list unless given
the correct permissions. See the
FILES section below for the
list of installed programs.

The following statically linked executables have been installed into the
chroot(2) environment of the
httpd(8) server. To enable the
corresponding functionality, use the
chmod(1) utility to manually set
the file permission mode to 0555 or anything appropriate. Some of these
executables need the set-user-ID bit, so they should be mounted on a
filesystem without the nosuid option.

To prevent commands from running endlessly,
bgplg will kill the corresponding processes
after a hard limit of 60 seconds. For example, this can take effect when using
traceroute(8) with
blackholed or bad routes.